沈晴霓
近期热点
资料介绍
个人简历
个人简介是我国自主研发“结构化保护级安胜安全操作系统”的主要完成人之一。负责和参加了20多项国家级、省部级和企业合作科研项目,包括:国家基金重点/面上、核高基重大、国家863等国家项目;中科院知识创新工程,北京市自然科学基金、深圳市科技攻关等省部项目;华为、IBM、Intel、AWS、八分量等企业合作项目等。发表学术论文80多篇,其中70多篇SCI/EI检索,包括CCS,ACSAC,RAID,ICWS,IPDPS,AsiaCCS,ICICS,SecureComm,COMPSAC,TrustCom,ICC,CLOUD,HPCC,NPC等高质量国际会议。申请发明专利30多项(其中已授权中国专利22项、美国专利1项、欧洲专利1项),登记软件著作权13项。编著《操作系统安全设计》(北京市精品教材、北京大学精品教材)与《操作系统安全》(第2版)(十一五国家规划教材),主讲的“操作系统与虚拟化安全”课程被评为国家精品在线开放课程。2013年度获北京大学“杨芙清-王阳元院士优秀教学科研奖”,2016年度获北京大学教学优秀奖。个人简历1992.9-1994.7获中国科学院长春光学精密机械与物理研究所工学硕士学位2002.9-2006.7获中国科学院软件研究所工学博士学位1994.7-2002.8北京理工大学电子工程系教师先后在计算机应用基础教研室、信息安全与对抗技术实验室从事教研工作2006.9-北京大学软件与微电子学院教师先后担任信息安全系副系主任、软件技术与服务工程学科组副组长主讲课程《操作系统与虚拟化安全》(国家精品在线开放课程)全球慕课平台:https://www.coursera.org/course/os-virtsecurity华文慕课平台:http://www.chinesemooc.org/mooc/4391《网络空间安全导论》(通识课)《大数据与云安全专题》《大数据安全与隐私保护》负责和参与的主要项目1.北大软微-八分量协同创新实验室项目“区块链安全关键技术研究”,负责人,2018-20202.国家自然科学基金面上项目“构建高可信云操作系统的若干关键技术研究”(61672062),负责人,2017-20203.国家自然科学基金重点项目“云存储的隐私保护与安全保障机制”(61232005),副组长,2013-20174.国家高技术研究发展计划863课题,“云安全的可信服务及示范应用”,副组长,2015-20175.AWS合作研发项目“基于AWS的教育云课堂安全与隐私”,负责人,2016-20176.深圳科技计划项目“大数据信息安全的关键技术研发”,副组长,2014-20167.国家自然科学基金面上项目“面向可信云服务的广义虚拟可信计算平台关键技术研究”(61073156),负责人,2011-20138.国家自然科学基金面上项目“以应用安全为核心的可信虚拟监控器安全机制研究”(60873238),负责人,2009-20119.国家自然科学基金面上项目“可信操作系统的基本理论与关键技术研究”(60970135),参与,2010-201210.国家自然科学基金面上项目“高安全等级安全操作系统关键技术研究”(60573042),参与,2006-200811.“核高基”国家重大专项“面向新型网络应用模式的网络化操作系统”(2009ZX01039-001-001),参与,2009-201012.“核高基”国家重大专项“国产操作系统参考实现”,参与,2009-201113.国家十一五预研项目,子课题负责人,2006-2009.14.国家科技支撑计划重大项目(2008BAH33B02)子课题“安胜安全操作系统应用”,副组长,2008-201015.IBMSUR共享大学研究项目“SecurityServicesofPrivateStorageCloud”负责人之一,2009-201116.IntelUPO大学项目“VirtualizationSecurityCurriculum”,负责人,2012-201317.华为合作研究项目“众核OS管理系统”负责人,2012-201318.2009华为高校科技基金项目“电信网络环境下云计算服务平台安全体系”,负责人,2009-201019.2008华为高校科技基金项目“广义可信虚拟计算平台安全体系结构研究”,负责人,2008-200920.华为委托合作项目“可信计算平台TPM在某系统中的应用”,负责人,2008-200921.北京市自然科学基金项目“高安全等级操作系统若干前沿问题研究”(4052016),参与,2006-200822.全国信息安全标准化技术委员会专项“基于可信计算平台的安全操作系统及相关标准研究”参与,200623.全国信息安全标准化技术委员会专项“高安全等级操作系统关键安全技术与规范”参与,200624.全国信息安全标准化技术委员会专项“可信计算跟踪研究”参与人,200525.中国科学院软件研究所预先研究项目“最高等级安全操作系统形式化方法研究”参与,2004-200626.中国科学院知识创新工程方向性项目“结构化保护级安全操作系统设计”参与,2002-2005已授权专利1.QingniShen,LanfangRen,ShaobinWang,YuanyouJin,etal.Method,ApparatusAndSystemforVirtualMachineMigrationDecision.EuropeanPatentNo:EP2352088,Sep.7,2016.2.QingniShen,LanfangRen,ShaobinWang,YuanyouJin,etc.Method,ApparatusandSystemforMakingaDecisionaboutVirtualMachineMigration.UnitedStatesPatentNo:US8413147B2,Apr.2,20133.沈晴霓,钱文君,杨雅辉,吴中海等。一种工作槽感知的Storm平台作业均分调度方法,授权专利号:ZL2016104046198,2019.7.44.沈晴霓,孙茜李聪,吴中海等。一种云环境中虚拟机负载均衡安全调度方法,授权号:ZL201610407666.8,2019.7.25.沈晴霓,董春涛,杨雅辉,吴中海等。一种面向大数据平台的基于用户分级的安全调度方法,授权专利号:ZL201610373850.5,2019.5.216.沈晴霓,李聪,杨雅辉,吴中海等。一种云环境下抗同驻的虚拟机部署方法,授权专利号:ZL201610371375.8,2019.3.227.沈晴霓,张智,陈康等。一种云环境下基于隐蔽通道的虚拟机同驻检测方法,授权号:ZL201410218538X,2018.4.108.沈晴霓,韩笑,方跃坚,吴中海。一种适用于移动端位置隐私保护的空间匿名化方法,授权专利号:ZL2014102677666,2018.1.59.沈晴霓,李文婷,杨雅辉,吴中海等。一种面向大数据平台的拒绝服务检测方法,授权专利号:ZL201610075208.9,2018.11.1310.沈晴霓,李才,郭明宇等。线程创建方法、业务请求处理方法及相关设备,授权专利号:ZL201310733930.3,2018.6.1511.沈晴霓,万冕,卿斯汉等,一种适用于移动云的客户端动态认证方法,中国,专利号:ZL201310227082.9,2016-02-1012.沈晴霓,李扬威,卿斯汉等,基于多核处理器的通信方法及其检测方法和控制方法,中国,专利号:ZL201110220307.9,2015-12-0913.沈晴霓,杨雅辉,禹熹,张力哲等,适用于存储云内的数据隔离方法.中国,专利号:ZL201110175541.4,2015-02-2514.沈晴霓,杨雅辉,杨欣等,一种基于可信计算的密钥生成、备份和迁移方法及系统,中国,专利号:ZL201110205512.8,2014-11-0515.杨雅辉,黄海珍,沈晴霓,吴中海。基于增量式GHSOM神经网络模型的入侵检测方法,中国,ZL201210206778.9,2014.1116.沈晴霓,张力哲,杨雅辉,吴中海.一种基于MapReduce机制的任务调度方法和系统.国家知识产权局发明专利.专利授权号:ZLCN2012102280313,2014年8月5日17.杨雅辉,阳时来,沈晴霓,黄海珍。一种基于半监督神经网络模型的网络入侵检测方法,中国,ZL201210074813.6,2014.718.沈晴霓孙鹏飞李扬威魏何.一种解决虚拟化平台多边冲突的方法及系统..国家知识产权局发明专利.专利授权号:ZLCN201110228801.X,2014年4月16日19.沈晴霓,任兰芳王绍斌靳远游魏磊李钊阮安邦石磊.一种虚拟机迁移决策方法、装置及系统.国家知识产权局发明专利.专利授权号:ZLCN200910108609.X,2013年11月6日20.杨雅辉沈晴霓张力哲禹熹吴尉泷王丹丹龙敏,适用于存储云间数据安全迁移的方法,.国家知识产权局发明专利.专利授权号:ZLCN201110101646.5,2013年11月4日21.沈晴霓,杨雅辉,劳振明,禹熹,吴尉泷,王丹丹,龙敏,适用于存储云内数据安全迁移的方法.国家知识产权局发明专利.专利授权号:ZLCN201110144862.8,2013年6月26日22.沈晴霓,阮安邦,靳远游,魏磊,王绍斌.一种虚拟机的管理方法、装置和系统.国家知识产权局发明专利.专利授权号:ZLCN200810180626.X,2013年6月12日23.杨雅辉,姜电波,沈晴霓,夏敏,张英,何家胜,一种基于生长型分级自组织映射神经网络的入侵检测方法.国家知识产权局发明专利.专利授权号:ZLCN201010228750.6,2012年1月18日24.卿斯汉,沈晴霓,李丽萍,唐柳英,季庆光.一种安全操作系统中实现最小特权控制的策略和方法.国家知识产权局发明专利.专利授权号:ZL,CN100401223,2008年7月9日主要教材沈晴霓,卿斯汉,操作系统安全设计,机械工业出版社(华章分社)(北京市精品教材).2013.9卿斯汉,沈晴霓,操作系统安全(第2版)(国家十一五规划教材),清华大学出版社.2011.6研究领域
主要研究方向包括:操作系统与虚拟化安全,云计算和大数据安全与隐私,可信计算,区块链安全等。"目前主要研究领域操作系统与虚拟化安全云计算和大数据安全与隐私可信计算等"近期论文
1. 罗杨,沈晴霓,吴中海. 一种基于元模型的访问控制策略描述语言, 软件学报,已录用(to appear) 2. 吴鹏飞,沈晴霓,秦嘉,钱文君,李聪,吴中海. 不经意随机访问机研究综述,软件学报,. 2018,29(9):2753-27773. 罗杨,沈晴霓,吴中海. 一种新的访问控制策略描述语言及其权限划分方法. 计算机学报, 2017.11,40(152).4. Cong Li, Yuejian Fang*, Xing Zhang, Cancan Jin, Qingni Shen, Zhonghai Wu. A Practical Construction for Large Universe Hierarchical Attribute-Based Encryption[J], Concurrency and Computation: Practice and Experience (CCPE) (SCI Indexed), 2016.5. 郭畅,沈晴霓,吴中海. 一种防止数据泄露的云存储优化模型,电子科技大学学报, 2016, 45(1): 118-122.6. 罗杨, 张齐勋, 沈晴霓, 刘宏志, 吴中海. 多层次的Android系统权限控制方法. 软件学报, 2015, 26(Suppl.(2)): 263-271.7. 张星, 文子龙, 沈晴霓, 方跃坚, 吴中海. 可追责并解决密钥托管问题的属性基加密方案. 计算机研究与发展, 2015, 52(10): 2293-2303.8. 沈晴霓, 李卿. 云计算环境中的虚拟机同驻安全问题综述. 集成技术, 2015 (5): 5-17.9. 沈晴霓,卿斯汉,吴中海,张力哲,杨雅辉. 基于动态域划分的安全冗余调度策略,通信学报,2014,35(1): 34-46, 201410. 方跃坚,沈晴霓,吴中海,一种超椭圆曲线密码处理器并行结构设计,计算机研究与发展,2013,50(11):2383-2388。 11. Qingni Shen,Yahui Yang, Zhonghai Wu, etc. Securing Data Services: A Security Architecture Design of Private Storage Cloud Based on HDFS, International Journal of Grid and Utility Computing , Volume 4, No.4,:242-254, 201312. 沈晴霓,杜虹,卿斯汉. 虚拟可信平台层次化安全体系结构设计. 北京工业大学学报. 2010第5期:36(5): 605-61013. Anbang Ruan, Qingni Shen*, Li Wang, etc. Towards a Source-Code Oriented Attestation. China Communications, Nov. 2009. Vol.6 No.4, pp: 82-87. (中英双稿) (SCI: WOS: 000272423100010)14. 沈晴霓, 卿斯汉, 贺也平,李丽萍 一种支持动态调节的最小特权安全策略架构, 电子学报 ,2006, 34(10): 61~66.15. 沈晴霓, 杜虹,文汉, 卿斯汉. 一种基于完整性度量架构的数据封装方法. 计算机研究与发展. 2012, 49(1):210-216.16. 卿斯汉, 李丽萍, 何建波, 沈晴霓. 基于DTE策略的安全域隔离Z形式模型. 计算机研究与发展, 2007, 44(11): 1881-188817. 沈晴霓, 卿斯汉, 李丽萍, 一种多层次的特权控制机制的设计与实现, 计算机研究与发展 , 2006, 43 (3): 423~42818. 沈晴霓, 卿斯汉, 贺也平, 沈建军, 多策略适应的一种POSIX权能遗传算法, 通信学报, 2006, 27(2): 66~72 19. 李丽萍, 卿斯汉, 贺也平, 沈晴霓, 基于访问控制空间的多策略安全体系结构, 通信学报, 2006, 27(2):107~112 会议论文 1. Pengfei Wu, Qingni Shen*, Robert H. Deng, Ximeng Liu, Yinghui Zhang, Zhonghai Wu*: ObliDC: An SGX-based Oblivious Distributed Computing Framework with Formal Proof. The 14th ACM Asia Conference on Computer and Communications Security (AsiaCCS 2019) : 86-99, Auckland, New Zealand, July 09-122. Mengyu Zhang, Hecan Zhang, Yahui Yang, Qingni Shen, PTAD: Provable and Traceable Assured Deletion in Cloud Storage. IEEE Symposium on Computers and communications (ISCC2019). Barcelona, Spain. June 2019.3. Lijing Cheng, Qingni Shen*, Chuntao Dong: Invader Job: A Kind of Malicious Failure Job on Hadoop YARN. The 54th IEEE International Conference on Communications (ICC 2018) , 20-24 May 2018 // Kansas City, MO, USA4. Tong Hui, Yahui Yang, Qingni Shen, Zhonghai Wu: Towards Real-Time Privacy Preservation: A Streaming Location Anonymous Method Based on Distributed Framework. The 54th IEEE International Conference on Communications (ICC 2018) , 20-24 May 2018 // Kansas City, MO, USA5. Yazhen Tian, Qingni Shen*, Ziyao Zhu, Yahui Yang, Zhonghai Wu: Non-Authentication Based Checkpoint Fault-tolerant Vulnerability in Spark Streaming. IEEE Symposium on Computers and communications (ISCC 2018): 783-786, 25-28 June, 2018, Natal, Brazil6. Yizhe Yang, Qingni Shen*, Wu Xin, Wenjun Qian, Yahui Yang, Zhonghai Wu: Memory Cache Attacks on Alluxio Impede High Performance Computing. 16th IEEE International Symposium on Parallel and Distributed Processing with Applications(ISPA 2018): 407-414, Melbourne, Australia, December 11-13, 2018.7. Yang Luo, Tian Puyang, Xiaoning Sun, Qingni Shen, Yahui Yang, Anbang Ruan, Zhonghai Wu*. RestSep: Towards a Test-Oriented Privilege Partitioning Approach for RESTful API. The 24rd International Conference on Web Services (ICWS 2017), June 25 - June 30, 2017, Honolulu, Hawaii, USA.8. Tian Puyang, Qingni Shen*, Yang Luo, Wu Luo, Zhonghai Wu. Making Least Privilege the Low-Hanging Fruit in Clouds, 53th IEEE International Conference on Communications (ICC 2017), Paris, France, 21-25 May, 2017. 9. Xinyu Feng, Cancan Jin, Cong Li, Yuejian Fang, Qingni Shen*, Zhonghai Wu. Practical Large Universe Attribute-Set Based Encryption in the Standard Model,the 19th International Conference on Information and Communications Security(ICICS 2017), December 6-8, 2017, Beijing, China.10. Xinyu Feng, Cancan Jin, Cong Li, Yuejian Fang, Qingni Shen*. Fully Secure Hidden Ciphertext-Policy Attribute-based Proxy Re-encryption, the 19th International Conference on Information and Communications Security(ICICS 2017), December 6-8, 2017, Beijing, China.11. Wenjun Qian, Qingni Shen*, Yizhe Yang, Yahui Yang, Zhonghai Wu. Statically Defend Network Consumption against Acker Failure Vulnerability in Storm, the 19th International Conference on Information and Communications Security (ICICS 2017), December 6-8, 2017, Beijing, China.12. Ziyao Zhu, Qingni Shen*, Yahui Yang, Zhonghai Wu. MCS: Memory Constraint Strategy for Unified Memory Manager in Spark, The 23rd IEEE International Conference on Parallel and Distributed Systems (ICPADS 2017), 15-17 December 2017, Shenzhen, China.13. Wu Xin, Qingni Shen, Yahui Yang, Zhonghai Wu*. SeEagle: Semantic-Enhanced Anomaly Detection for Securing Eagle, 9th EAI International Conference on Digital Forensics & Cyber Crime(ICDF2C2017),October 9-11 2017, Prague, Czech Republic, pp: 221-22714. Yang Luo, Hongbo Zhou, Qingni Shen, Anbang Ruany, Zhonghai Wu*. RestPL: Towards a Request-Oriented Policy Language for Arbitrary RESTful APIs, The 23rd International Conference on Web Services (ICWS 2016), June 27 - July 2, 2016, San Francisco, USA.15. Yang Luo, Wu Luo, Tian Puyang, Qingni Shen, Anbang Ruan, Zhonghai Wu: OpenStack Security Modules: A Least-Invasive Access Control Framework for the Cloud. 9th IEEE International Conference on Cloud Computing (CLOUD 2016): 51-58, San Francisco, CA, USA, June 27 - July 2, 2016.16. Yang Luo, Tian Puyang, Wu Luo, Qingni Shen, Anbang Ruan, Zhonghai Wu*. MultiPol: Towards a Multi-policy Authorization Framework for RESTful Interfaces in the Cloud, the 18th International Conference on Information and Communications Security (ICICS 2016):214-226, Singapore, Singapore, Nov. 29–Dec. 2, 2016.17. Chuntao Dong, Qingni Shen*, Lijin Cheng, Yahui Yang, Zhonghai Wu. SECapacity: A Secure Capacity Scheduler in YARN, the 18th International Conference on Information and Communications Security (ICICS 2016) :184-194, Singapore, Singapore, Nov. 29–Dec. 2, 2016.18. Wenjun Qian, Qingni Shen*, Jia Qin, Dong Yang, Yahui Yang, Zhonghai Wu. S-Storm: A Slot-aware Scheduling Strategy for Even Scheduler in Storm, The 18th IEEE International Conference on High Performance Computing and Communications(HPCC 2016), Sydney, Australia, December 12 - 14, 2016. IEEE, pp.623-630, 2016.19. Jin Cancan, Feng Xinyu, Shen Qingni. Fully secure hidden ciphertext policy attribute-Based Encryption with short ciphertext size, The 6th International Conference on Communication and Network Security (ICCNS 2016), Singapore, 2016.20. Wenting Li, Qingni Shen*, Chuntao Dong, Yahui Yang and Zhonghai Wu. DDHCS: Distributed Denial-of-service Threat to YARN Clusters Based on Health Check Service. 2nd International Conference on Information Systems Security and Privacy (ICISSP 2016) , Feb 19-21, 2016, Roman, Italy. 2016: 146-156.21. Zhang X, Jin C, Li C, Wen Z, Shen Q, Fang Y, Wu Z. Ciphertext-policy attribute-based encryption with user and authority accountability, in Proc. of the 11th International ICST Conference on Security and Privacy in Communication Networks (SecureComm’15) :500-518, Oct 26-29, 2015, Dallas, USA.22. Fang Y, Wen Z, Shen Q, et al. POSTER: Ciphertext-Policy Attribute-Based Encryption Method with Secure Decryption Key Generation and Outsourcing Decryption of ABE Ciphertexts, in Proc. of the 11th International ICST Conference on Security and Privacy in Communication Networks (SecureComm’15): 585-589, Oct 26-29, 2015, Dallas, USA.23. Chang Guo, Qingni Shen, Zhonghai Wu. UserRank: A User Influence-based Data Distribution Optimization Method, Chang Guo, 39th Annual International Computers, Software & Applications Conference Workshops(COMPSAC 2015) , pp.104-109, July 1-5, 2015, Tai chung, Tai wan.24. Zizhou Sun, Yahui Yang, Qingni Shen, Zhonghai Wu, Xiaochen Li. MB-DDIVR: A Map-based Dynamic Data Integrity Verification and Recovery scheme in Cloud Storage. The 17th International Conference on Information and Communications Security (ICICS 2015): 312-318, Dec 9-11, Beijing, China25. Zhang Xing, Jin Cancan, Wen Zilong, Shen Qingni, Fang Yuejian, Wu Zhonghai. Attribute-based encryption without key escrow. International Conference on Cloud Computing and Security (ICCCS’15): 74-87.26. Chuntao Dong, Qingni Shen*, Wenting Li, Yahui Yang, Zhonghai Wu. Eavesdropper: A Framework for Detecting the Location of the Processed Result in Hadoop. The Seventeenth International Conference on Information and Communications Security (ICICS 2015): 429-435, Dec 9-11, Beijing, China27. Ying Chen, Qingni Shen*,Pengfei Sun,Yangwei Li, Sihan Qing etc. Reliable Migration Module in Trusted Cloud based on Security Label-Design and Implementation. In Proc. of the 26th IEEE International Parallel & Distributed Processing Symposium Workshops (IEEE IPDPS 2012). May 21-25, 2012, Shanghai, China.28. Qingni Shen,Yahui Yang, Zhonghai Wu, Xin Yang, Lizhe Zhang, Xi Yu, Zhenmin Lao,Dandan Wang, Min Long. SAPSC: Security Architecture of Private Storage Cloud Based on HDFS. In Proc. of the 26th IEEE International Conference on Advanced Information Networking and Applications Workshops (WAINA-2012),Fukuoka, Japan, March 26-29, 201229. Pengfei Sun, Qingni Shen*,Ying Chen,Zhonghai Wu, Cong Zhang, Anbang Ruan, Liang Gu. POSTER: LBMS: Load Balancingbased on Multilateral Security in the Cloud. In Proc. of the 18th ACM Conference on Computer and Communications Security (ACM CCS 2011):861-864, October 17–21, 2011, Chicago, Illinois, USA.30. Xin Yang, Qingni Shen*, Yahui Yang, Sihan Qing. A Way of Key Management in Cloud Storage Based on Trusted Computing. In Proc. of the 8th IFIP International Conference on Network and Parallel Computing (IFIP NPC2011): 135-145, Changsha, China. 2011.1031. Qingni Shen, Xin Yang, Xi Yu, Yahui Yang, Zhonghai Wu. Towards Data Isolation and Collaboration in Storage Cloud. In Proc. of the 2011 IEEE Asia-Pacific Services Computing Conference (APSCC2011): 139-146. December 12-15, 2011,Jeju, Korea.32. Qingni Shen, Lizhe Zhang, Xin Yang, Yahui Yang, Zhonghai Wu, Ying Zhang. SecDM:Securing Data Migration Between Cloud Storage Systems. In Proc. of 2011 Ninth IEEE International Conference on Dependable, Autonomic and Secure Computing (CDAS2011): 636-641. December 12-14, Sydney, Australia.33. Song Luo, Qingni Shen*, Yongmei Jin,Zhong Chen. A Variant of Boyen-Waters Anonymous IBE Scheme. In Proc. of 13th International Conference on Information and Communication Security (ICICS2011): 42-56. Beijing, China, Nov.24-26, 2011. 34. Song Luo, Qingni Shen*,Zhong Chen,Fully Secure Unidirectional Identity-Based Proxy Re-encryption. In Proc. of the 14th International Conference on Information Security and Cryptology (ICISC 2011), Nov 30-Dec 2, 2011, Seoul, Korea.35. Cong Tang, Yonggang Wang,Hu Xiong, Tao Yang, Jianbin Hu, Qingni Shen, etc, Need For Symmetry: Addressing Privacy Risks in Online Social Networks, In Proc. of the 25th International Conference on Advanced Information Networking and Applications (AINA 2011), Biopolis, Singapore, March 22-25,2011 相关热点